FDA Final Cyber Guidance is out
The FDA has released their new guidance, which will be broadly impactful.
Shostack + Friends Blog
Comparing Retrospectives
We can learn a lot from comparing retrospectives
Open training: Threat Modeling for Champs (October)
Seats are available in our October training
Application and AI roundup - August
Lots of interesting work in LLMs (again)
Airline Close Calls
Thoughts on an article on near misses
Use the Defcon Wifi
Why it’s ok to use the Defcon wifi
SEC Cybersecurity Rules
The SEC has important new cybersecurity rules
Chuck, Acme, and Remediation Avoidance
Threat modeling really CAN save you money, just ask Chuck!
Threat Modeling and Secure by Design
Our feedback to CISA is now public
Valorizing Rule-breaking
Microsoft Can Fix Ransomware Tomorrow
My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow.
No guns please
Art imitating life in ways you didn’t think possible
Worthwhile Books Q2 2023
Books that I read in the second quater that are worth your time include two memoirs, a great book on the security of ML, and more!
AI will be the high interest credit card of 2023
AppSecPNW 2023
Adam's AppSecPNW 2023 keynote